Latest revision as of 08:31, 12 March 2013

Purpose: The primary aim of OWASP SCADA Security project is to gather information about different ICS/SCADA security threats related to WEB-applications and it’s environments, starting from reconnaissance (“foorprinting”) stage to vulnerabilities exploitation.

Primary goals:
-to aware ICS/SCADA developers about security vulnerabilities by providing information about found WEB-application viulnerabilities in software and firmware on famous vendors;
-to create and publish freeware and open-source tools for ICS/SCADA security assessment written on scripting languages.

Release description: The signatures for the most popular SCADA/RTU/PLC products of famous vendors. It covers several methods of detection through the application level protocols such as HTTP, FTP, SSH. The aim of the cheet sheet is to gather information about the criteria useful for external reconnaissance stage from the hacker side. Additionally, this information will be used for the SCADA Honeypot developing within the project. The file will be regularly updated, feel free to send own signatures and methods of detection.